2
Half-days
21
Global Speakers
15
Conferences
Join global high-level speakers and Incident Response experts to prepare in case of any cyberattacks and enhance your response capabilities.
75% of experts, across many industries, consider cyberrisk to be a top concern
Safeguarding against cyberattack in an increasingly digital world,
June 30, 2020 | McKinsey
Virtual Event
In a context where cybersecurity threats are increasing, this event aims to connect private organizations, governments, cyber insurers, lawyers, police and specialists in Response to Incidents to unite against this phenomenon.
Corporate Executives, Security Managers (CISO), and Incident Response specialists are invited to this unique virtual event, which brings together all stakeholders concerned by Cybersecurity threats.
Attend presentations by high-level speakers and Incident Response experts to prepare in case of cyberattacks. You will learn:
- what are the cybersecurity incident situations from which you are not immune;
- how to prepare if a cybersecurity incident arrives;
- the duties of directors and officers in the event of a security breach;
- how cyber insurances can help you;
- how and when to use the Incident Response experts;
- how to lead an investigation after a cybersecurity incident;
And much more …
Date
& time
22nd – 23rd February 2022
8:00-11:30 am EST | 2:00–5:30 pm CET
Register
Key reasons to participate
Management file
Lectures on pre-incident preparedness, management and business elements of cybersecurity
Advanced techniques
Conferences to learn and discuss new techniques and tools in the field
Basic principles
Conferences to develop essential techniques for responding to cybersecurity incidents
Interactive workshops
Workshops on technologies and tools for the prevention and detection of incidents
Get prepared to face and respond to cyber incidents
Conference program
February 22nd
08:20-09:00 (EST)
14:20-15:00 (CET)
INTRODUCTION TO “LIVE FORENSIC”: ACT BEFORE THE DATA GOES OUT
Live forensic investigation applies to the extraction and analysis of data from a live system.
Knowing that any action on a live system will alter it and risk damaging your evidence, when should you perform a hot scan?
How do you prepare before doing so, and how do you act when faced with an active system?
This presentation is an introduction to the implications of computer forensic analysis and some suggested practices you can consider when developing your process.
With Jonathan Papin
08:20-09:00 (EST)
14:20-15:00 (CET)
RANSOMWARE ATTACKS! : ARE YOU READY ?
How to deal with the leakage of sensitive data (personal and corporate data). What are the key considerations when it comes to paying a ransom, especially when the amount is large?
With Katherine Barbacki and Imran Ahmad
09:05-09:45 (EST)
15:05-15:45 (CET)
REPUTATION AND DATA BREACH RISK MANAGEMENT
Data breaches are becoming more and more frequent. When they occur, they can cripple the activities of an organization. In addition, they can lead to significant legal risks and lasting damage to the organization’s reputation. Many businesses are unprepared for a data breach and are therefore vulnerable. Planning is key to being prepared to balance legal and operational concerns with ever-increasing expectations for customer and employee privacy.
With Philippe Gervais
09:05-09:45 (EST)
15:05-15:45 (CET)
CYBER ATTACK RESPONSES 101 FOR SMBS
Your organization is under attack, are you ready? How to react and where to start? Introducing the NIST and SANS Inspired 6 Step Small Business Incident Management Guide with Tips & Tricks!
With Sébastien Harbec
09:50-10:20 (EST)
15:50-16:20 (CET)
PRACTICAL DIGITAL FORENSICS: 15 THINGS FOR YOUR GO-BAG
A modern digital forensic scientist has a wide range of technologies that they must examine and collect, from PCs and home appliances to cell phones and cloud services. This presentation will list 15 essential elements in any field evidence collection go-bag to ensure your digital forensics personnel have what they need to succeed.
With Matthew Snoddy
09:50-10:20 (EST)
15:50-16:20 (CET)
WHY INTELLIGENCE-BASED SECURITY IS ESSENTIAL TO INCIDENT RESPONSE
Security authorities have demonstrated to us for several years now the relevance of intelligence-led security activities. Everything was especially accelerated by the introduction, in the 1990s, of the concept of intelligence-led policing. Essentially, it was a question of using the knowledge of the intelligence services in the development of police activities, with the aim of effectiveness and efficiency. Today, is it possible to apply this concept in computer incident response teams?
With Benoit Gagnon
09:50-10:20 (EST)
15:50-16:20 (CET)
INCIDENT RESPONSE – THE MOST COMMON LESSONS LEARNED AND HOW TO APPLY THEM PROPERLY
This presentation focuses on the final stage of the Security Incident Response (IR) engagement – lessons learned. This is when post-incident guidance is provided to help organizations that arevictims to avoid similar situations in the future. While each case of IR is unique, after seeing enough of them, one can easily notice that many of these recommendations are universal to many otherwise quite distinct incidents. Whether ransomware groups or state actors, many of the attack techniques used and weaknesses targeted by the latter remain broadly similar. So why do some organizations manage to completely overhaul their security posture after a breach, while others struggle under the weight of repeated incidents? As always, the answer is in the details.
With Lukasz Olszewski
10:25-11:05 (EST)
16:25-17:05 (CET)
HOW TO ENGAGE THE BOARD IN CYBERSECURITY
Cybersecurity is now a priority for corporate boards. However, many boards and management teams are still struggling to understand why cybersecurity has become so important and what questions they should be asking.
In this session, Haroon will uncover some “cybersecurity myths” and explain why the board has a crucial role to play in cyber resilience. Haroon will also share some of the key questions that boards and management teams should ask their organization.
With Haroon Malik
10:35-11:15 (EST)
16:35-17:15 (CET)
INDUSTRIAL RANSOMWARE ATTACK: A REAL CASE STUDY
In this session, we’ll dive into the technical, business, and operational aspects of attacking, discuss negotiation methods, introduce containment steps, and discuss ways to harden the network and thwart future attacks. :
- “We have a problem” – When a ransom note disrupts normal operations.
- First on the scene – Assess the situation, mobilize the team and define the action plan.
- Negotiation Methodology – Ransomware Negotiation – Rules of Engagement
- Incident chain of events – Recap of the technical forensic analysis process: uncovering clues, processing millions of log reports, eliminating false positives, understanding the cause of some of the OT devices shutting down and , finally, an account of the attack and its root cause.
- Remediation and Mitigation – Step by step towards restoring productivity and full network recovery.
- Attribution – Discover the perpetrators of the attack, their motives and their methods.
- Lessons learned – Definition of best practices and establishment of a solid policy to reduce future risks.
With Dor Yardeni
10:35-11:15 (EST)
16:35-17:15 (CET)
LESSON FROM THE FIELD: INCIDENT RESPONSE CAN MAKE OR BREAK YOUR CYBERSECURITY STRATEGY
We live in a world where organizations must continually adapt and evolve their cybersecurity defenses. They must contend with an expanding attack surface and adapt to a rapidly changing threat landscape.
With our 16 SOCs and 6,000 cybersecurity experts, we are on the front line to combat cyberattacks and help organizations thwart ever-evolving cyberthreats.
In this session, we’ll share with you testimonials from the field highlighting the pitfalls to avoid when developing your incident response strategy and proven best practices that help organizations securely mitigate cyberattacks. We will also discuss how the organization can prepare for the future adoption of emerging technology trends (Quantum, Autonomous Digital, Hyperscale Edge, Composite AI, 6G…) and the impact on their incident response strategy.
With Zeina Zakhour
February 23rd
08:20-09:00 (EST)
14:20-15:00 (CET)
COMMON PITFALLS TO AVOID: HOW TO PREPARE TO DISCLOSE A DATA BREACH
You have just been notified of a data breach in your organization. Many questions and concerns come to mind: How long does the organization have to notify and report the data breach? How do I report and notify the data breach? What are the legal obligations? What information should be included in the notification/report? How should the organization communicate with the different stakeholders? What are the potential consequences of not notifying a data breach?
Notifying and reporting a breach are certainly the key steps in responding to a privacy breach. This conference focuses on best practices in terms of proper notification and communication, both internally and externally, and will provide you with valuable and practical information and tools.
With Laura Bonnave
08:20-09:00 (EST)
14:20-15:00 (CET)
HOW TO INTEGRATE AI IN THE FIGHT AGAINST CYBER BREACHES?
The world of threats is changing rapidly. With the move to the cloud, the explosion of connected objects and new technologies, the attack surface is increasing exponentially. We will cover the role of artificial intelligence as a driver of cyber defense transformation. How to anticipate the attack? How to improve the speed of detection, analysis and remediation? What are the practical use cases of AI? How can AI help hunt attacks? We will explain in more detail why artificial intelligence is necessary in the fight against cyberattacks in order to be one step ahead.
With Vinod Vasudevan
09:50-10:20 (EST)
15:50-16:20 (CET)
SAILING IN THE STORM | COMMUNICATION IN TIMES OF CRISIS
In a crisis situation, the notoriety accumulated by an organization over the years can be destroyed by ill-prepared public communications, an insufficiently equipped spokesperson, media which, faced with panic, denial and disorganization, will quickly attack to your credibility… a spiral often amplified by high-speed sharing on social media.
Too often, panic becomes the only mode of management and can lead to poor communications, which risks tarnishing the reputation and credibility of the organization, and even causing it irreparable damage. On the other hand, a crisis – managed with efficiency, diligence, transparency, empathy and proactivity – can be a tremendous opportunity.
We still have to prepare to “navigate in the storm”, even before a crisis breaks out! Ready?
With Julie-Anne Vien and Gavin Megaw
10:25-11:05 (EST)
16:25-17:05 (CET)
90 DAYS AFTER A CYBERATTACK
Many conferences address the topic of protection before a cyberattack or the course of a response to a cybersecurity incident.
What is rarely discussed is what happens after such a crisis, when everything is or seems to be back to normal.
Indeed, any crisis is accompanied by collateral damage. And this is only the beginning… What happens after such an event? How is the morale of your troops? What are the new obligations following an incident? What awaits you around the bend? How can you prepare?
Jean-Sébastien will tell us about his experiences and lessons learned.
With Jean-Sébastien Beaulieu
10:25-11:15 (EST)
16:25-17:15 (CET)
THE CLOCK OF ANUBIS – LIVING ON BORROWED TIME AGAINST THE AGGRESSORS
Over the past twelve months, the threat landscape has completely changed. We can see an increase in supply chain attacks, ransomware and an attacker craze for industrial control and IoT systems. Remote work will likely continue to be a target in 2022, so how will you prepare to defend your organization?
With Aamir Lakhani
Key Speakers
How to qualify the notion of real risk of serious damage resulting from a cybersecurity incident?
As not a day passes without the occurrence of a cyber incident, dive in the notion of real risk of serious damage with Mr. Jean-François De Rico, from his intervention at 2020 edition of the Forensik conference.